Adding an ‘S’ to your MSP

By Fortra's Digital Defense

Over the past year, I’ve talked to several Managed Service Providers (MSPs) that stated they are making the shift towards becoming a Managed Security Service Provider, or MSSP.   But what does that mean, and what is required to add this simple letter? 

To begin with, it’s not so simple.  A true MSSP provides a 7/24/365 security operations center (SOC) staffed with highly compensated engineers with advanced security certifications.  Their skills and capabilities are sophisticated and focused solely on thwarting cyber threats.  By my definition, a true-MSSP has a level of capability and staffing resources beyond what most MSPs can develop on their own. 

And while an MSP may state they aspire to be an MSSP, most are really just wanting to develop a good managed security practice that provides advanced cybersecurity services and solutions.  Of course, another key motivation is to capture the additional monthly recurring revenue (MRR) that comes along with it. 

I’m relatively certain that most MSPs are providing security in the form of endpoint management, patching, firewalls and anti-malware solutions.  But with today’s cybersecurity threat landscape these services alone are not sufficient to protect most clients’ networks. 

The MSP needs to offer services such as penetration testing, advanced malware detection, threat intelligence and sandboxing, identity and access management along with acquiring the advanced skills and capabilities to deliver the services. 

Get Started on a Go-to-Market (GTM) Strategy

To begin with, the MSP should understand what types of cybersecurity services their clients need.  This starts with analyzing their client base and understanding the drivers of their clients’ industry. 

  • Do they have specific compliance needs such as financial or healthcare?
  • Do they process credit cards?
  • Do they store private data and personal identification information?

These clients, and prospects like them, will be the prime targets for the managed security offering.

Selecting Cybersecurity Partners

The most effective way to add the ‘S’ to your MSP is by partnering with key vendors, providers and true-MSSPs.  And, as with all things MSP, choosing the right vendor(s) will have a long-lasting impact on the business.

Selecting cybersecurity vendor partners is one of the more crucial decisions the MSP business owner will make.  Aside from having a technically astute solution that works as advertised, the MSP should also consider other critical factors about the partner program such as:

  • Pre-sales engineering support
  • Post-sales technical support
  • Technical training for MSP staff
  • Channel friendliness
  • Licensing and billing compatible with MSP invoicing practices
  • Marketing collateral and lead generation
  • Sales enablement training

MSP best practices suggest standardizing on fewer vendors, not more.  This allows the MSP to be more focused on creating processes and depth of knowledge for those vendor solutions. 

Operational Processes, Agreements and Metrics

Aside from marketing, selling and deploying cybersecurity solutions the MSP must also develop internal processes and metrics to successfully manage.  Developing meaningful key performance indicators (KPIs) is important to ensure the managed security practice is profitable. 

The MSP should revise and update their Master Services Agreement (MSA) and Statements of Work (SOW) to ensure they reflect the additional risks, liabilities, indemnification and force majeure of the security offerings.  While you’re at it, update for the pandemic. This is often overlooked and can potentially cause significant legal issues if not addressed properly.

*  *  *  *  *

Developing a security practice can be one of the most profitable endeavors that MSPs undertake.  And, if not done correctly, may also be a costly endeavor.

The MSP will need to make investments in order to develop a successful and notable managed security practice.  However, the good news is that there is a lot of help out there for MSPs including webinars, podcast, blogs, peer groups, and vendor resources.  Just focus on the steps outlined above and you’ll be well on your way.

If you want to hear more about these topics, be sure to check out the upcoming webcast series from Digital Defense, Inc., makers of Frontline.CloudI’ll be hosting this 3-part series along with featured MSP guests sharing their experience on how they built a successful managed security practice.


Tommy Wald is President of TW TechVentures, LLC and author of The MSP CEO: A Guide to Building a Successful MSP Business.   You may contact him at [email protected], or go to

About Digital Defense

Our Frontline.Cloud SaaS platform supports Frontline Vulnerability Manager™Frontline Web Application Scanning™, and Frontline Active Threat Sweep™ that together provide:

  • Asset discovery and tracking
  • OS and web application risk assessment
  • Targeted malware threat assessment
  • Machine learning features that leverage threat intelligence
  • Agentless & agent-based scanning
  • Penetration testing for networks, mobile applications, and web applications
  • Compliance management. One of the world’s longest tenured PCI-Approved Scanning Vendors

The Frontline.Cloud platform virtually eliminates false-positives associated with legacy vulnerability management solutions, while also automating the tracking of dynamic and transient assets and prioritizing results based on business criticality. Learn more.

Share This